Through a practitioner-driven approach, S&T's Cyber Security Division (CSD) creates and deploys information resources—standards, frameworks, tools, and technologies to enable seamless and secure interactions among homeland security stakeholders. With its federal partners, CSD is working to strengthen capabilities to communicate, share, visualize, analyze, and protect information.
CSD leads the government’s charge in funding cybersecurity research and development (R&D) that results in deployable security solutions and implementation of an aggressive cybersecurity research agenda encompassing the full lifecycle of technology—research, development, test, evaluation, and transition to practice—to produce unclassified solutions that can be implemented in both the public and private sectors. Therefore, S&T is able to move these solutions from the lab to real life, so they reach the U.S. businesses and citizens who need them to secure their networks. It means that the results of this research can have an enormous impact in every home and business in the United States, as well as throughout government and the world.
To accomplish its mission and serve its customers, CSD has organized its work into five major program areas:
Trustworthy Cyber Infrastructure (TCI) — focuses on ensuring that the nation's critical infrastructure – such as the oil and gas pipelines, information infrastructure, and the Internet – become more secure and less vulnerable to malicious and natural events.
- Internet Measurement and Attack Modeling
- Process Control Systems (PCS) Security
- Secure Protocols
- Cyber Infrastructure & Emerging Threats (DECIDE)
Foundational Elements of Cyber Systems (FECS) — focuses R&D activities on the characteristics that are essential to the desired end-states of trustworthy cyber systems and accelerates the transition of new cybersecurity technologies into commercial products and services.
- Cyber Economic Incentives (CNCI)
- Enterprise Level Security Metrics and Usability
- Homeland Open Security Technology (HOST)
- Leap Ahead Technologies (CNCI)
- Moving Target Defense (CNCI)
- Software Quality Assurance
- Tailored Trustworthy Spaces (CNCI)
Cybersecurity User Protection & Education (CUPE) — focuses R&D activities on developing ways to help all types of users – from improving the security and protection of user online activity, to attracting the next generation of cybersecurity warriors, to providing the tools needed for investigating cyber criminal and terrorist activity.
- Cybersecurity Competitions
- Cyber Security Forensics
- Identity Management & Data Privacy Technologies
- Insider Threat
Research Infrastructure to Support Cybersecurity (RISC) — provides a national and international-level research infrastructure to enable the cybersecurity research community to discover, test, and analyze state of-the-art tools, technologies, and software in a scientifically rigorous and ethical manner.
- Experimental Research Testbed (DETER)
- Research Data Repository (PREDICT)
- Software Assurance Marketplace (SWAMP)
Cyber Technology Evaluation and Transition (CTET) — provides a coordinated process of assessments, evaluations, and operational experiments and pilots to transition the fruits of research into practice.
- Cyber Security Assessment and Evaluation
- Cyber Security Experiments and Pilots
- Transition to Practice (CNCI)
CSD awarded new contracts for BAA 11-02 in fourteen Technical Topic Areas aimed at improving security in both Federal networks and the larger Internet from cyber attacks. A listing of these awards can be found on the New Projects page.